General

Target: c033b5fbd91c03da9012cf0918b3a44f_JaffaCakes118
Size: 486KB
Sample: 240825-hvs7ws1era
MD5: c033b5fbd91c03da9012cf0918b3a44f
SHA1: eab2bd00cd633a12fb77a6fa1cde40424b1d7de8
SHA256: 38a2c459706f31bb087a4cc6310f5b7e24f5d1ce3af5568934477849c01d4c8b
SHA512: 4ea01afa0b0623aa1c8265fdbe698c89c0bb702190a20682142e24604710fd6865198710704ed27079d6286bf5fe297857db047cdbfb17b9e7822408b89b12ef
SSDEEP: 12288:JvLl6neZujyhrqBrmGacK7ocZulUuGkMKIE1jGh45/+lX:JvLlmeZu+2Brm1V7oi3k4Hh45/+R

Static task: static1

Behavioral task: behavioral1
Sample: c033b5fbd91c03da9012cf0918b3a44f_JaffaCakes118.exe
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: c033b5fbd91c03da9012cf0918b3a44f_JaffaCakes118.exe
Resource: win10v2004-20240802-en

Malware Config
Targets
Target: c033b5fbd91c03da9012cf0918b3a44f_JaffaCakes118
Score: 10/10
Modifies WinLogon for persistence
Drops file in System32 directory
Suspicious use of SetThreadContext